winpcap的程序(转)

#include "pcap.h"
#include <winsock.h>
/* void main()//取得网络设备列表
{
 pcap_if_t *alldevs;
 pcap_if_t *d;
 int i=0;
 char errbuf[PCAP_ERRBUF_SIZE];
 //取得网络设备列表
 if(pcap_findalldevs(&alldevs,errbuf)==-1)
 {
  fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
  exit(1);
 }
 //显示网络设备列表
 for(d=alldevs;d;d=d->next)
 {
  printf("%d",++i);
  printf("    ");
  printf("%s",d->name);
  printf("     ");
  if(d->description)
   printf("(%s)\n",d->description);
  else
   printf("(No description available)\n");
 }
 if(i==0)
 {
  printf("\nNo interfaces found!Make sure WinPcap is installed.\n");
  return;
 }
 pcap_freealldevs(alldevs);
}*/


/*void ifprint(pcap_if_t *d);
char *iptos(u_long in);
int main()//取得网络设备信息
{
 pcap_if_t *alldevs;
 pcap_if_t *d;
 int i=0;
 char errbuf[PCAP_ERRBUF_SIZE];
 //取得网络设备列表
 if(pcap_findalldevs(&alldevs,errbuf)==-1)
 {
  fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
  exit(1);
 }
 //扫描并显示列表内容
 for(d=alldevs;d;d=d->next)
  ifprint(d);
 return 1;
}
void ifprint(pcap_if_t *d)
{
 pcap_addr_t *a;
 //网络接口名
 printf("%s\n",d->name);
 //网络接口描述
 if(d->description)
  printf("\tDescription: %s\n",d->description);
 //Loopback地址
 printf("\tLoopback:%s\n",(d->flags&PCAP_IF_LOOPBACK)?"yes":"no");
 //IP地址
 for(a=d->addresses;a;a=a->next)
 {
  printf("\tAddress Family:#%d\n",a->addr->sa_family);
  switch(a->addr->sa_family)
  {
  case AF_INET:
   printf("\tAddress Family Name:AF_INET\n");
   if(a->addr)
    printf("\tAddress:%s\n",iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr));
   if(a->netmask)
    printf("\tNetmask:%s\n",iptos(((struct sockaddr_in *)a->netmask)->sin_addr.s_addr));
   if(a->broadaddr)
    printf("\tBroadcast Address:%s\n",iptos(((struct sockaddr_in *)a->broadaddr)->sin_addr.s_addr));
   if(a->dstaddr)
     printf("\tDestination Address:%s\n",iptos(((struct sockaddr_in *)a->dstaddr)->sin_addr.s_addr));
   break;
  default:
   printf("\tAddress Family Name:Unknown\n");
   break;
  }
 }
 printf("\n");
}
//数字IP地址转换成字符串
#define IPTOSBUFFERS 12
char *iptos(u_long in)
{
 static char output[IPTOSBUFFERS][3*4+3+1];
 static short which;
 u_char *p;
 p=(u_char *)&in;
 which=(which+1==IPTOSBUFFERS?0:which+1);
 sprintf(output[which],"%d","%d","%d","%d",p[0],p[1],p[2],p[3]);
 return output[which];
}*/

/*void packet_handle(u_char *param,const struct pcap_pkthdr *header,const u_char *pkt_data);
int main()//打开网络适配器和捕获数据包
{
 pcap_if_t *alldevs;
 pcap_if_t *d;
 int i=0;
 int inum;
 pcap_t *adhandle;
 char errbuf[PCAP_ERRBUF_SIZE];
 //取得网络设备列表
 if(pcap_findalldevs(&alldevs,errbuf)==-1)
 {
  fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
  exit(1);
 }
 //显示网络设备列表
 for(d=alldevs;d;d=d->next)
 {
  printf("%d",++i);
  printf("    ");
  printf("%s",d->name);
  printf("     ");
  if(d->description)
   printf("(%s)\n",d->description);
  else
   printf("(No description available)\n");
 }
 if(i==0)
 {
  printf("\nNo interfaces found!Make sure WinPcap is installed.\n");
  return 0;
 }
 printf("Enter the interface number(1-%d)",i);
 scanf("%d",&inum);
 if(inum<0||inum>i)
 {
  printf("\nInterface number out of range.\n");
  //释放设备列表
  pcap_freealldevs(alldevs);
  return -1;
 }
 for(d=alldevs,i=0;i<inum-1;d=d->next,i++);
  if((adhandle=pcap_open_live(d->name,65536,1,1000,errbuf))==NULL)
  {
   fprintf(stderr,"\nUnable to open the adapter.%sis not supported by WinPcap\n");
   pcap_freealldevs(alldevs);
   return -1;
  }
  printf("\nlistening on %s...\n",d->description);
  pcap_freealldevs(alldevs);
  //开始捕获数据包
  pcap_loop(adhandle,0,packet_handle,NULL);
  return 0;
}
void packet_handle(u_char *param,const struct pcap_pkthdr *header,const u_char *pkt_data)
{
 struct tm *ltime;
 char timestr[16];
 //转换时间格式
 ltime=localtime(&header->ts.tv_sec);
 strftime(timestr,sizeof timestr,"%H:%M:%S",ltime);
 printf("%s,%.6d len:%d\n",timestr,header->ts.tv_usec,header->len);
}
*/

/*
typedef struct ip_address
{
 u_char byte1;
 u_char byte2;
 u_char byte3;
 u_char byte4;
}ip_address;
typedef struct ip_header
{
 u_char ver_ihl;
 u_char tos;
 u_short tlen;
 u_short identification;
 u_short flags_fo;
 u_char ttl;
 u_char proto;
 u_short crc;
 ip_address saddr;
 ip_address daddr;
 u_int op_pad;
}ip_header;
//UDP头
typedef struct udp_header
{
 u_short sport;
 u_short dport;
 u_short len;
 u_short crc;
}udp_header;

void packet_handle(u_char *param,const struct pcap_pkthdr *header,const u_char *pkt_data);
int main()//解释网络数据包
{
 pcap_if_t *alldevs;
 pcap_if_t *d;
 int i=0;
 int inum;
 pcap_t *adhandle;
 char errbuf[PCAP_ERRBUF_SIZE];
 u_int netmask;
 char packet_filter[]="ip and udp";
 struct bpf_program fcode;
 //取得网络设备列表
 if(pcap_findalldevs(&alldevs,errbuf)==-1)
 {
  fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
  exit(1);
 }
 //显示网络设备列表
 for(d=alldevs;d;d=d->next)
 {
  printf("%d",++i);
  printf("    ");
  printf("%s",d->name);
  printf("     ");
  if(d->description)
   printf("(%s)\n",d->description);
  else
   printf("(No description available)\n");
 }
 if(i==0)
 {
  printf("\nNo interfaces found!Make sure WinPcap is installed.\n");
  return 0;
 }
 printf("Enter the interface number(1-%d)",i);
 scanf("%d",&inum);
 if(inum<0||inum>i)
 {
  printf("\nInterface number out of range.\n");
  //释放设备列表
  pcap_freealldevs(alldevs);
  return -1;
 }
 for(d=alldevs,i=0;i<inum-1;d=d->next,i++);
  if((adhandle=pcap_open_live(d->name,65536,1,1000,errbuf))==NULL)
  {
   fprintf(stderr,"\nUnable to open the adapter.%sis not supported by WinPcap\n");
   pcap_freealldevs(alldevs);
   return -1;
  }
  //检查链路层是否是以太网
  if(pcap_datalink(adhandle)!=DLT_EN10MB)
  {
   fprintf(stderr,"\nThis program works only on Ethernet network.\n");
   pcap_freealldevs(alldevs);
   return -1;
  }
  if(d->addresses!=NULL)
   netmask=((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
  else
   netmask=0xffffff;
  //编译过滤器
  if(pcap_compile(adhandle,&fcode,packet_filter,1,netmask)<0)
  {
   fprintf(stderr,"\nUnable to compile the packet filter.Check the syntax.\n");
   pcap_freealldevs(alldevs);
   return -1;
  }
  //设置过滤器
  if(pcap_setfilter(adhandle,&fcode)<0)
  {
   fprintf(stderr,"\nError setting the filter.\n");
   pcap_freealldevs(alldevs);
   return -1;
  }
  printf("listening on %s...\n",d->description);
  pcap_freealldevs(alldevs);
  pcap_loop(adhandle,0,packet_handle,NULL);
  return 0;
}

void packet_handle(u_char *param,const struct pcap_pkthdr *header,const u_char *pkt_data)
{
 struct tm *ltime;
 char timestr[16];
 ip_header *ih;
 udp_header *uh;
 u_int ip_len;
 u_short sport;
 u_short dport;

 //转换时间格式
 ltime=localtime(&header->ts.tv_sec);
 strftime(timestr,sizeof timestr,"%H:%M:%S",ltime);
 printf("%s,%.6d len:%d\n",timestr,header->ts.tv_usec,header->len);

 ih=(ip_header *)(pkt_data+14);
 ip_len=(ih->ver_ihl&0xf)*4;
 uh=(udp_header *)((u_char *)ih+ip_len);
 sport=ntohs(uh->sport);
 dport=ntohs(uh->dport);

 //显示IP地址和UDP端口号
 printf("%d.%d.%d.%d.%d-> %d.%d.%d.%d.%d\n",
  ih->saddr.byte1,ih->saddr.byte2,ih->saddr.byte3,ih->saddr.byte4,sport,
  ih->daddr.byte1,ih->daddr.byte2,ih->daddr.byte3,ih->daddr.byte4,dport);
}*/


/*
void packet_handle(u_char *dumpfile,const struct pcap_pkthdr *header,const u_char *pkt_data);
int main(int argc,char **argv)//将数据包保存在文件中
{
 pcap_if_t *alldevs;
 pcap_if_t *d;
 int i=0;
 int inum;
 pcap_t *adhandle;
 char errbuf[PCAP_ERRBUF_SIZE];
 pcap_dumper_t *dumpfile;
 //检查命令行参数
 if(argc!=2)
 {
  printf("usage:%s filename",argv[0]);
  return -1;
 }
 //取得网络设备列表
 if(pcap_findalldevs(&alldevs,errbuf)==-1)
 {
  fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
  exit(1);
 }
 //显示网络设备列表
 for(d=alldevs;d;d=d->next)
 {
  printf("%d",++i);
  printf("    ");
  printf("%s",d->name);
  printf("     ");
  if(d->description)
   printf("(%s)\n",d->description);
  else
   printf("(No description available)\n");
 }
 if(i==0)
 {
  printf("\nNo interfaces found!Make sure WinPcap is installed.\n");
  return 0;
 }
 printf("Enter the interface number(1-%d)",i);
 scanf("%d",&inum);
 if(inum<0||inum>i)
 {
  printf("\nInterface number out of range.\n");
  //释放设备列表
  pcap_freealldevs(alldevs);
  return -1;
 }
 for(d=alldevs,i=0;i<inum-1;d=d->next,i++);
  if((adhandle=pcap_open_live(d->name,65536,1,1000,errbuf))==NULL)
  {
   fprintf(stderr,"\nUnable to open the adapter.%sis not supported by WinPcap\n");
   pcap_freealldevs(alldevs);
   return -1;
  }
  //检查链路层是否是以太网
  if(pcap_datalink(adhandle)!=DLT_EN10MB)
  {
   fprintf(stderr,"\nThis program works only on Ethernet network.\n");
   pcap_freealldevs(alldevs);
   return -1;
  }
  //打开文件
  dumpfile=pcap_dump_open(adhandle,argv[1]);
  if(dumpfile==NULL)
  {
   fprintf(stderr,"\nError opening output file\n");
   return -1;
  }
  printf("\nlistening on %s...\n",d->description);
  pcap_freealldevs(alldevs);
  //捕获开始
  pcap_loop(adhandle,0,packet_handle,(unsigned char *)dumpfile);
  return 0;
}
   
void packet_handle(u_char *dumpfile,const struct pcap_pkthdr *header,const u_char *pkt_data)
{
 pcap_dump(dumpfile,header,pkt_data);
}
*/
#include<stdio.h>
#define LINE_LEN 16
void dispatcher_handler(u_char *,const struct pcap_pkthdr *,const u_char *);
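/*
 * Display the packets stored in a capture file.
 *
 * Usage: <program> filename
 *
 * Opens the savefile named by argv[1] with pcap_open_offline() and hands
 * every packet in it to dispatcher_handler() through pcap_loop().
 * The savefile is external input: a truncated or corrupt file makes
 * pcap_loop() fail, so its result is checked and reported instead of
 * being ignored.
 *
 * Returns 0 on success, -1 on a usage error, when the file cannot be
 * opened, or when reading the file fails.
 */
int main(int argc,char **argv)
{
 pcap_t *fp;
 char errbuf[PCAP_ERRBUF_SIZE];
 int status;

 if(argc!=2)
 {
  // argv[0] can be NULL when the program is started with an empty argv
  printf("usage:%s filename\n",(argc>0&&argv[0])?argv[0]:"program");
  return -1;
 }
 // Open the capture file; errbuf receives the reason on failure
 if((fp=pcap_open_offline(argv[1],errbuf))==NULL)
 {
  fprintf(stderr,"\nError opening dump file: %s\n",errbuf);
  return -1;
 }
 // Read every packet until end of file (cnt==0) and print it
 status=pcap_loop(fp,0,dispatcher_handler,NULL);
 if(status==-1)
  fprintf(stderr,"\nError reading dump file: %s\n",pcap_geterr(fp));

 // Release the handle on every path once the file was opened
 pcap_close(fp);

 return (status==-1)?-1:0;
}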
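/*
 * pcap_loop() callback: print one packet's timestamp and length, then a
 * hex dump of the captured bytes, LINE_LEN bytes per output line.
 *
 * temp1    - user argument passed to pcap_loop(); unused here.
 * header   - per-packet metadata (timestamp, caplen, len).
 * pkt_data - the captured bytes; only header->caplen bytes are valid,
 *            which can be fewer than header->len (the on-wire length).
 */
void dispatcher_handler(u_char *temp1,const struct pcap_pkthdr *header,const u_char *pkt_data)
{
 u_int i;

 (void)temp1;
 // Timestamp and on-wire length; len is an unsigned 32-bit value, so it
 // is printed with %u rather than %ld
 printf("%ld:%ld(%u)\n",(long)header->ts.tv_sec,(long)header->ts.tv_usec,(unsigned)header->len);
 // Hex dump bounded by caplen. The index starts at 0 and is used
 // directly: the previous loop started at i=0 and read pkt_data[i-1],
 // which with an unsigned i is an out-of-bounds read before the buffer.
 for(i=0;i<header->caplen;i++)
 {
  printf("%.2x",pkt_data[i]);
  // Break the line after every LINE_LEN bytes
  if(((i+1)%LINE_LEN)==0)
   printf("\n");
 }
 printf("\n\n");
}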


本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/zhw888888/archive/2009/03/15/3991529.aspx

原文地址:https://www.cnblogs.com/zhihaowang/p/10128762.html